필요한 패키지 설치

yum install sendmail-cf cyrus-sasl-plain

인증서 준비

mkdir /etc/mail/certs
cd /etc/mail/certs
ln -s /etc/pki/tls/certs/ca-bundle.crt /etc/mail/certs/ca-bundle.crt

아래 명령으로 키 생성

[root@unply certs]# openssl req -new -x509 -keyout cakey.pem -out cacert.pem -days 3650
Generating a 2048 bit RSA private key
....................+++
.....................................................................................................................................................................................................................+++
writing new private key to 'cakey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:KR
State or Province Name (full name) []:Seoul
Locality Name (eg, city) [Default City]:Seoul
Organization Name (eg, company) [Default Company Ltd]:unply.com
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:unply
Email Address []:root@unply.com
[root@unply certs]# openssl req -nodes -new -x509 -keyout sendmail.pem -out sendmail.pem -days 3650
Generating a 2048 bit RSA private key
..........................+++
...........................+++
writing new private key to 'sendmail.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:KR
State or Province Name (full name) []:Seoul
Locality Name (eg, city) [Default City]:Seoul
Organization Name (eg, company) [Default Company Ltd]:unply.com
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:unply
Email Address []:root@unply.com
chmod 600 /etc/mail/certs/*.pem 

접속 정보 설정

mkdir /etc/mail/auth
vi /etc/mail/auth/client-info

디렉토리 생성 후 아래의 내용으로 파일 작성 (대괄호로 묶인 부분은 자기 계정 정보로 교체)

/etc/mail/auth/client-info
AuthInfo:smtp.gmail.com "U:root" "I:[USERNAME]@gmail.com" "P:[PASSWORD]" "M:PLAIN"
AuthInfo:smtp.gmail.com:587 "U:root" "I:[USERNAME]@gmail.com" "P:[PASSWORD]" "M:PLAIN"

작성된 파일을 sendmail map 파일로 변환하고 접근 권한을 변환해준다

makemap -r hash /etc/mail/auth/client-info.db < /etc/mail/auth/client-info
chmod 600 /etc/mail/auth/client-info /etc/mail/auth/client-info.db

/etc/mail/sendmail.mc 파일 수정

Before
dnl define(`SMART_HOST', `smtp.your.provider')dnl

...

dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

...

dnl define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
dnl define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
dnl define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
dnl define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
After
define(`SMART_HOST', `smtp.gmail.com')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/client-info.db')dnl

...

TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

...

define(`CERT_DIR', `/etc/mail/certs')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/ca-bundle.crt')dnl
define(`confCRL', `CERT_DIR/ca-bundle.crt')dnl
define(`confSERVER_CERT', `CERT_DIR/sendmail.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/sendmail.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/sendmail.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/sendmail.pem')dnl

설정 파일을 cf 파일로 변환해주고 sendmail 리스타트

m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
/etc/init.d/sendmail restart

테스트

<?
var_dump(mail(
	'JaeYong Lee <crizin@daum.net>',
	'Sendmail relay test',
	"<h1>Test</h1>\n<p>It works!</p>",
	"From: Administrator <crizin@gmail.com>\r\nContent-type: text/html; charset=utf-8"
));

참고